Re: [quicwg/base-drafts] describe how 0-RTT is accepted and rejected (#2841)
Kazuho Oku <notifications@github.com> Wed, 26 June 2019 01:21 UTC
Return-Path: <noreply@github.com>
X-Original-To: quic-issues@ietfa.amsl.com
Delivered-To: quic-issues@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E2EB71200DF for <quic-issues@ietfa.amsl.com>; Tue, 25 Jun 2019 18:21:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8
X-Spam-Level:
X-Spam-Status: No, score=-8 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MAILING_LIST_MULTI=-1, RCVD_IN_DNSWL_HI=-5, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=github.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id OpGQKYIoLopV for <quic-issues@ietfa.amsl.com>; Tue, 25 Jun 2019 18:21:41 -0700 (PDT)
Received: from out-4.smtp.github.com (out-4.smtp.github.com [192.30.252.195]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 230E2120041 for <quic-issues@ietf.org>; Tue, 25 Jun 2019 18:21:41 -0700 (PDT)
Date: Tue, 25 Jun 2019 18:21:39 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=github.com; s=pf2014; t=1561512099; bh=yxmSaYrhxeGI4xBkyoZ/ORV0D7AQzzZoIV7HiOM0ync=; h=Date:From:Reply-To:To:Cc:In-Reply-To:References:Subject:List-ID: List-Archive:List-Post:List-Unsubscribe:From; b=v7NmOO5mVJAJ9pc+Resa5qtKTK8HoQrlU8x9uxklegYeMKoA0bEwjwL5aUIFS35bl TjL20fdsvaqsbBdTPjPWuV2OHLZSki4++TdI1Rtcr6nR2kRsjm/MLAkfnvH0I5ixpN EaaIxhNU8UtldjpXc1QDTCWSgrHBQ9VS7ZLK7kz8=
From: Kazuho Oku <notifications@github.com>
Reply-To: quicwg/base-drafts <reply+AFTOJKZCBW5XWH7GWPPWLHF3D75SHEVBNHHBW3JQOA@reply.github.com>
To: quicwg/base-drafts <base-drafts@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <quicwg/base-drafts/pull/2841/review/254342394@github.com>
In-Reply-To: <quicwg/base-drafts/pull/2841@github.com>
References: <quicwg/base-drafts/pull/2841@github.com>
Subject: Re: [quicwg/base-drafts] describe how 0-RTT is accepted and rejected (#2841)
Mime-Version: 1.0
Content-Type: multipart/alternative; boundary="--==_mimepart_5d12c8a3845ef_7a763faa17acd96418362"; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Precedence: list
X-GitHub-Sender: kazuho
X-GitHub-Recipient: quic-issues
X-GitHub-Reason: subscribed
X-Auto-Response-Suppress: All
X-GitHub-Recipient-Address: quic-issues@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/plsFIbm8D3He6pSwprncn9m1XGw>
X-BeenThere: quic-issues@ietf.org
X-Mailman-Version: 2.1.29
List-Id: Notification list for GitHub issues related to the QUIC WG <quic-issues.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/quic-issues/>
List-Post: <mailto:quic-issues@ietf.org>
List-Help: <mailto:quic-issues-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/quic-issues>, <mailto:quic-issues-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 26 Jun 2019 01:21:43 -0000
kazuho commented on this pull request. > -A server rejects 0-RTT by rejecting 0-RTT at the TLS layer. This also prevents -QUIC from sending 0-RTT data. A server will always reject 0-RTT if it sends a -TLS HelloRetryRequest. +A server rejects 0-RTT by sending a ServerHello without the EarlyDataIndication. +A server will always reject 0-RTT if it sends a TLS HelloRetryRequest. When +rejecting 0-RTT, a server MUST NOT process any 0-RTT packets, even if it is in +possesion of the keys to do so. When 0-RTT was rejected, a client MUST treat +receipt of an acknowledgement for a 0-RTT packet as a connection error of type @marten-seemann The spec having different packet number spaces does not necessarily mean that every QUIC stack should be having different PN counters for each number space for the packets it sends. It is entirely plausible for a QUIC stack to use just one packet number space for the packets it sends. That said, ... > as you point out in https://github.com/quicwg/base-drafts/pull/2841#discussion_r297128544, we're using a SHOULD elsewhere, so for consistency I changed it to a SHOULD here as well. Thank you for the change. I appreciate it. > I don't think that we need a "if it is able to detect the condition" sub-clause here, as the SHOULD already allows you to skip the check, if your implementation is not able to perform it. IIRC, the sub-clause "if it is able to detect the condition" was added intentionally to the general rule, because people were concerned about the text being interpreted as to recommend having a way to detect such errors. I think the text proposed in this PR has the same problem, and my preference is to address it in the same manner. I think that one path forward might be to, instead of clarifying the action here, incorporate the handling of acknowledgements of 0-RTT packets into the provision of 13.1.1. I mean, changing > An endpoint SHOULD treat receipt of an acknowledgment for a packet it did not send as a connection error of type PROTOCOL_VIOLATION, if it is able to detect the condition. to something like: > An endpoint SHOULD treat receipt of an acknowledgment for a packet that the server would not have processed as a connection error of type PROTOCOL_VIOLATION, if it is able to detect the condition. This includes receiving an ACK frame containing a packet number that the endpoint has not sent, as well as acknowledgements for 0-RTT packets when the server has rejected the use of 0-RTT. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/quicwg/base-drafts/pull/2841#discussion_r297452432
- [quicwg/base-drafts] describe how 0-RTT is accept… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… MikkelFJ
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… David Schinazi
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… David Schinazi
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… David Schinazi
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… MikkelFJ
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Kazuho Oku
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Kazuho Oku
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… monkey-mas
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Kazuho Oku
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Kazuho Oku
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… ianswett
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Kazuho Oku
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Martin Thomson
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Kazuho Oku
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Kazuho Oku
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Kazuho Oku
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Kazuho Oku
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Kazuho Oku
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Kazuho Oku
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Kazuho Oku
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Marten Seemann
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Kazuho Oku
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Martin Thomson
- Re: [quicwg/base-drafts] describe how 0-RTT is ac… Martin Thomson